ok people... its about to get real.. real technical.. in a way that I am not professionally prepared for but perhaps will spark some enlightened debate and possibly flush some best practices
without posting tons of smpt and esxi performance graphs and esxtop results.. lets just say that I have seen shifts in esxi / napp-it / zfs workload performances since updating esxi on this older s5520hc / l5640 based server from esxi 6.0 to 6.0u3.
assumptions..
1 > that esxi base code has evolved to software patch specter / meltdown
2> that having not updated my motherboard bios/microcode since this came out is not helping/ maybe it is
here is an excerpt from an article as I started researching WHY my box of late has been showing CPU and moreover interrupt numbers that are off the chart literally compared to historical numbers for the same server a year or more ago. Its not uncommon and actually routine now to see napp-it vm not just spike but hold over 30,000 interrupts per second while doing 1GBE wired file transfers via SMB into napp-it ... you heard that right.. 30k. additionally, napp-it has 4vcpu on a box that only subscribes 16vcpu out of 24 available but yet during these transfers.. see the napp-it vm sit at a solid 50% cpu use.. IE is monopolizing 1 core 100%/ both threads. pool wait and busy numbers are way below 50% so its not disk / pool related ...
I believe the issue is that the patches for these 2 BUGS was a fundamental way of re-mapping how system calls, context switching, and interrupt handling as well as memory page swaging between user space and kernel space... is delt with.. changed to mitigate the exposure to these security issues..
what is unclear to my.. at a technical level.. is that IF esxi 6.0u3 running specter patches on a board/cpu micro code that has not been bios updated is making it worse.. of if the micro code was also changed.. performance would take further hits.
here is the excerpt - also in the article a user that was operating in a zfs - lz4 - database environment saw performance hits between 20-40 %
Remediating Meltdown – which is present in modern Intel processors – involves enforcing complete separation between user processes' virtual memory spaces and the kernel's virtual memory areas. Rather than map the kernel into the top portion of every process's virtual memory space where it remains invisible unless required to handle an interrupt or system call, the kernel is moved to a separate virtual address space and context. This fix prevents malware from exploiting the Meltdown CPU bug to read kernel memory from user mode, and is referred to as Kernel Page Table Isolation.
Switching back and forth between these contexts – from the user process context to the kernel context and back to the user process – involves reloading page tables, one set describing the user process and another describing the kernel. These tables map the process or kernel's virtual memory to physical blocks of RAM or swap space.
These context switches from user process to kernel to process not only takes time, it also flushes any cached virtual-to-physical memory translations, all in all causing a performance hit, particularly on workloads that involve a lot of IO or system calls. But with PCID, there's no need to flush the entire translation lookaside buffer (TLB) cache on every context switch as selected TLB entries can be retained in the processor.
OK ... hash it out!!
without posting tons of smpt and esxi performance graphs and esxtop results.. lets just say that I have seen shifts in esxi / napp-it / zfs workload performances since updating esxi on this older s5520hc / l5640 based server from esxi 6.0 to 6.0u3.
assumptions..
1 > that esxi base code has evolved to software patch specter / meltdown
2> that having not updated my motherboard bios/microcode since this came out is not helping/ maybe it is
here is an excerpt from an article as I started researching WHY my box of late has been showing CPU and moreover interrupt numbers that are off the chart literally compared to historical numbers for the same server a year or more ago. Its not uncommon and actually routine now to see napp-it vm not just spike but hold over 30,000 interrupts per second while doing 1GBE wired file transfers via SMB into napp-it ... you heard that right.. 30k. additionally, napp-it has 4vcpu on a box that only subscribes 16vcpu out of 24 available but yet during these transfers.. see the napp-it vm sit at a solid 50% cpu use.. IE is monopolizing 1 core 100%/ both threads. pool wait and busy numbers are way below 50% so its not disk / pool related ...
I believe the issue is that the patches for these 2 BUGS was a fundamental way of re-mapping how system calls, context switching, and interrupt handling as well as memory page swaging between user space and kernel space... is delt with.. changed to mitigate the exposure to these security issues..
what is unclear to my.. at a technical level.. is that IF esxi 6.0u3 running specter patches on a board/cpu micro code that has not been bios updated is making it worse.. of if the micro code was also changed.. performance would take further hits.
here is the excerpt - also in the article a user that was operating in a zfs - lz4 - database environment saw performance hits between 20-40 %
Remediating Meltdown – which is present in modern Intel processors – involves enforcing complete separation between user processes' virtual memory spaces and the kernel's virtual memory areas. Rather than map the kernel into the top portion of every process's virtual memory space where it remains invisible unless required to handle an interrupt or system call, the kernel is moved to a separate virtual address space and context. This fix prevents malware from exploiting the Meltdown CPU bug to read kernel memory from user mode, and is referred to as Kernel Page Table Isolation.
Switching back and forth between these contexts – from the user process context to the kernel context and back to the user process – involves reloading page tables, one set describing the user process and another describing the kernel. These tables map the process or kernel's virtual memory to physical blocks of RAM or swap space.
These context switches from user process to kernel to process not only takes time, it also flushes any cached virtual-to-physical memory translations, all in all causing a performance hit, particularly on workloads that involve a lot of IO or system calls. But with PCID, there's no need to flush the entire translation lookaside buffer (TLB) cache on every context switch as selected TLB entries can be retained in the processor.
OK ... hash it out!!
